SecOps forum

SIR persona and role attribution

Hi All, This is a challenge I've faced frequently when implement SIR for a customer and I was wondering if there are any 'easier' solutions than messing around with ACLs to achieve it:- Simply put, the SIR OOTB provides for these roles: CISO / Manage...

Tenable Integration

Hi All, We are doing the configuration for the 'Vulnerability Response Integration with Tenable'. We have managed to make the data come to SN, but the process part is either erroring or ignoring the data. I manage to see that: The data is being ignor...

I'm not able to see native UI action button(create security incident ) in vulnerability workspace.

In native UI of vulnerability response I'm able to see create security incident button but in workspace I'm not able to find that button. how can I configure that ?

Configuration Compliance - Read Roles

Similar to our Vulnerability Response implementation, we want our teams that fix misconfigurations to only see the misconfigurations assigned to their Assignment Group. I assumed (incorrectly) that adding the sn_vulc.remediation_owner role would all...

Vulnerability response - Close vulnerable items

Hi All, Which script in vulnerability response application is triggered when a Vulnerability task is marked as "closed" that updates the corresponding Vulnerable Item record with the same close date ThanksVidyashree

can security incident response record be generated from vulnerability response module/ workspace ?

Closed VITs are reopening with Different CI From Tenable

Hi Experts,We are facing an issue with VITs are re-opened with Different CI (Retired/stale CI) from Tenable.Need inputs on how to fix this.Thanks in advance.

Resolved! VR Unassign approval notifications

When an exception, false positive or unassign request is raised on VIs or RTs then approval records are created as per the VR Approval rules. In case of exceptions and false positives the notifications are sent to all the approvers for each VI or RT....

Integration script for Black Duck Application List Integration.

On the scheduled job ‘ Blackduck Applicaton List Integration: I am trying to add script to only import the project and project versions that are in the ‘Released’ SDLC Status. It will helpful for me if anyone explain how the process of this integrati...

Resolved! VR Assignment Rule Script - Secondary Rules not running

I have a primary VR assignment rule that uses a script to query information from related Business Applications for assignment information. I have 4 more secondary assignment rules developed, but they are never used for assignment. The secondary rule...

we see those jobs are in queued state in background jobs

After apply remediation task rules, we see those jobs are in queued state in background jobs and are not moving further. We are unable to group Vulnerabilities based on remediation task rules

Rapid7 With Data Warehouse Server

This question is 2 fold. The more important at this time is connecting and pulling data from a Rapid7 Data Warehouse server. I followed all the instructions I could find to get this set up. We have a Windows server running PostgreSQL 17 and the ra...

Reapplying Repair Tasks when Vulnerability Information is Updated in SeqOps-VR

We are using SeqOps-VR to import vulnerability information from a third party (InsightVM).In addition, Remediation tasks are created based on the severity of the vulnerability in the Remediation task rules. After low severity vulnerability informatio...

Vulnerability scan of third party product (Insight VM) to close vulnerable items.

We are using SeqOps-VR to capture vulnerability information from a third party (InsightVM). After implementing a vulnerability response for a certain vulnerable item,If the vulnerability is re-scanned by InsightVM and the vulnerability is no longer o...

Vulnerable item SLA not working

Hello Everyone, When the risk rating of a vulnerability changes from one level to another, the SLO should begin or begin again when the rating changes. Basically the SLO clock should Restart anytime the Risk Rating changes. Example of the current er...

Forum Posts

SIR persona and role attribution

Tenable Integration

I'm not able to see native UI action button(create security incident ) in vulnerability workspace.

Configuration Compliance - Read Roles

Vulnerability response - Close vulnerable items

can security incident response record be generated from vulnerability response module/ workspace ?

Closed VITs are reopening with Different CI From Tenable

Resolved! VR Unassign approval notifications

Integration script for Black Duck Application List Integration.

Resolved! VR Assignment Rule Script - Secondary Rules not running

we see those jobs are in queued state in background jobs

Rapid7 With Data Warehouse Server

Reapplying Repair Tasks when Vulnerability Information is Updated in SeqOps-VR

Vulnerability scan of third party product (Insight VM) to close vulnerable items.

Vulnerable item SLA not working

ServiceNow sends a notification of SIR update with...

VR Remediation Efforts for Remediation Tasks

Download Template is not working in UI Page

Sending an Entra MFA Push through ServiceNow

Flow is throwing an error while creating a record ...

I just need to understand difference b/w Work note...

Ref info button is not working for CVITs table

Clarification on CIS–Vulnerability Response Exam V...

"ACL Exception Insert Failed due to security const...

Question about July 31 Transition for Wiz Built St...

CI Lookup Rule - Auto promote on certain classes

Not able to install VR plugin in PDI

How to create reports for MTTR, TTR and Total time...

How can I add multiple CIs to the Security Inciden...

'Public Exploit' field in Vulnerability